Main menu

Crypto

Certificate Transparency is a great idea. All certificate-related activities on a certificate authority will be logged into a public database(it's a merkle-table), so that anyone can monitor or review the certificates. Commodo published a very handy web-tool to query the logs.

End-To-End-Encryption is nothing new. With messengers like Whatsapp or Telegram it's again an issue. If E2E-Encryption means that nobody but the endpoints are able to encrypt the messages, then how is this feature implemented so seamlessly?

Lets Encrypt was lately quite often in the media. Letsencrypt is a very easy to use tool which provides certificates for free. Those certificates are valid on most common browsers. I never understood why certificates are expensive that's why I tried out letsencrypt(and I like it!).
In this article, I will replace all cacert-certificates on a kolab-server. Therefore I will install the letsencrypt-certificate on: apache2, cyrus-imapd and postfix.

If you want to setup a ssl-certificate with multiple subdomains(of the same domain), you'll have to generate a certificate with alternative names. We can achieve this using some parameters in our openssl.cnf...